Open
Description
Various ORMs (e.g. SQLAlchemy, Django) enable pass-thru execution of raw SQL queries. We need to consider these methods when finding and fixing potential SQL injection vulnerabilities. In the Django ORM specifically, this is enabled via the .raw method: https://docs.djangoproject.com/en/5.0/topics/db/sql/#performing-raw-sql-queries
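One way to find such calls, as an added example that is not part of the original issue or the project's code: a static check that walks a module's AST and reports `.raw()` calls whose query text is built with an f-string, `%`, `+` or `.format()` rather than passed with a separate `params` argument. The `Person` model, the `app_person` table and the sample functions are constructed for illustration, and the check is a heuristic that matches any attribute call named `raw`, not only Django managers.

```python
import ast

# Constructed sample: three ways of calling Django's Manager.raw().
SAMPLE = '''
def by_name_fstring(name):
    return Person.objects.raw(f"SELECT * FROM app_person WHERE last_name = '{name}'")

def by_name_percent(name):
    return Person.objects.raw("SELECT * FROM app_person WHERE last_name = '%s'" % name)

def by_name_params(name):
    return Person.objects.raw("SELECT * FROM app_person WHERE last_name = %s", [name])
'''

def _is_literal(node):
    """A string constant, or a concatenation of string constants."""
    if isinstance(node, ast.Constant):
        return isinstance(node.value, str)
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):
        return _is_literal(node.left) and _is_literal(node.right)
    return False

def _is_dynamic_sql(node):
    """True when the query text is assembled from non-literal parts."""
    if isinstance(node, ast.JoinedStr):  # f-string with interpolation
        return any(isinstance(v, ast.FormattedValue) for v in node.values)
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Mod, ast.Add)):
        return not _is_literal(node)  # "..." % x  or  "..." + x
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
        return node.func.attr == "format"  # "...".format(x)
    return False

def find_unsafe_raw_calls(source):
    """Return sorted line numbers of .raw() calls whose query is built dynamically."""
    lines = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr == "raw"):
            continue
        # The query is the first positional argument or the raw_query keyword.
        query = node.args[0] if node.args else next(
            (kw.value for kw in node.keywords if kw.arg == "raw_query"), None)
        if query is not None and _is_dynamic_sql(query):
            lines.append(node.lineno)
    return sorted(lines)
```

The third sample function is the fixed form: the SQL text stays a constant with an unquoted `%s` placeholder and the value travels in the `params` list, so the database driver handles escaping.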